Software Supply Chain How to Audit Your Software Supply Chain Security Digital threats are part of the development landscape, so how should you audit your software supply chain security to ensure you protect your pipeline? This blog will take you through the threats that are lurking and the steps you can follow to guard against them.
DevSecOps Improving Observability With Cloudsmith Logs Glimpse the golden insights Cloudsmith’s logs offer and see how easy it is to pull and analyze them like a pro.
OSS The Dangers Lurking in Open Source Software Our 1st blog in our series on securely consuming OSS. Today, I'll give an overview of some of the most common types of attacks from consuming OSS.
Software Supply Chain Securely Connect Cloudsmith to your CI/CD using OIDC Authentication Securely connect Cloudsmith to your CI/CD with OIDC. Cloudsmith now supports OIDC natively. OIDC tokens are a more secure way to handle authentication than long-lived credentials, and they remove the need to store your credentials in your CI/CD platform.
Cloudsmith Cloudsmith's Enhanced Security with Policy Management Learn all about how Cloudsmith ensures robust cloud-native software artifact management, emphasizing authentication, license compliance, and vulnerability mitigation, all while maintaining a holistic approach to security.
Events The EU Efforts To Secure Open Source Software [On-demand Session] Watch this session from Open Source Summit Dublin to learn more about the European Union's response to the ever-changing open source security landscape.
Events SBOMs: The New Standard in Supply Chain Security [On-demand Session] Watch this session from DevOps Con NYC to learn about this emerging standard, how it can improve the security of your supply chain, open source tools to help you generate and analyze SBOMs and the future of SBOMs.
Security How to Manage Your Vulnerability Workflows with Cloudsmith Scan your packages for vulnerabilities and never miss new vulnerabilities as they get discovered. Create actionable workflows by quarantining packages over defined vulnerability levels
Cloudsmith Featured Pricing: Building A Better Cloudsmith We dive into the details of why we're changing the pricing at Cloudsmith, what it means for you, and how we can help.